Real-time Security Extensions for EPCglobal Networks

Below, you can browse through the slide deck of my disputation held on Sep. 19, 2012 in Potsdam. The corresponding public notice of the HPI is available here.

Abstract

The number of detected counterfeits at the borders of the European Union (EU) increases steadily. Counterfeits of exclusive and expensive goods, e.g. pharmaceutical goods, are ranked highest. Instead of using current identification techniques working on product classes, such as the Electronic Article Number (EAN), new identification methods working on item level, such as the Electronic Product Code (EPC), create the foundation of fine-grained tracking and tracing of individual goods. Appropriate techniques for automatic reading of product data, such as Radio Frequency Identification (RFID), instead of one-dimensional bar codes, can improve handling of goods. As a result, a product’s unique identity can be read automatically by passing it through reading gates. The gathered data can be verified and synchronized with enterprise applications, such as Enterprise Resource Planning (ERP) systems. For this purpose, the product’s identity, date and time of the reading, reading location, and further business relevant data are logged as events and stored in dedicated IT systems of supply chain parties in a distributed manner. Event data can be employed for a number of purposes, e.g. to verify certain goods or to identify the location of products affected by product recalls. In particular, with the help of gathered event data, heuristics can be used to validate the authenticity of products within seconds when passing them from one supply chain participant to the next. Furthermore, they can provide advice for decision making when dealing with unknown suppliers or substitution products. The transformation towards an RFID-aided supply chain requires new technical equipment for capturing events and IT systems to store and exchange event data with other supply chain participants. Supply chain participants need to face the automatic exchange of event data with business partners for the very first time.
Data protection of sensitive business secrets is therefore the major aspect that needs to be clarified before companies will start to adopt the required transformation steps. The given work contributes towards data protection in EPCglobal networks as follows:

Design of transparent security extensions for EPCglobal networks for device- and business-level software,

Development of an access control mechanism for software components in EPCglobal networks based on the analysis of the complete query history to automatically protect event data,

Design of a fine-grained continuous filtering of event data instead of a currently widely used binary access decision,

Implementation of history-based access control based on an in-memory database to enable a real-time analysis of the complete query history, and

Integration of security extensions into the FOSSTRAK architecture to evaluate their applicability in context of the pharmaceutical industry.

The security extensions focus on event data since they need to be considered as sensitive data. Knowledge of event data can be misused to derive business secrets, e.g. business relationships. The given work defines strict requirements for the response time behavior of the security extensions to preserve a competitive advantage for business processes, e.g. during product receipt.

Architectural Overview

The Electronic Product Code (EPC) is the basis for identifying products at instance level. In combination with Radio Frequency Identification (RFID), it enables wireless tracking and tracing of individual products throughout the product's lifecycle in the supply chain. Once a product passes a reading gate, associated metadata is stored in distributed event repositories (EPCIS). For example, event data consist of the product's unique identifier, date and time, reading location, and involved business steps. Analysis of the product's event data is the basis for authenticity checks to prevent product counterfeits. However, the semantic combination of event data can be misused, e.g. to retrieve active product ingredients, to fake contents of packages, or to derive business relationships between business partners. The designed security extensions for EPCglobal networks address the control of access to event data, the secured exchange of event data, and its filtering by incorporating in-memory technology for the first time. They perform real-time analyses of the complete access history of every participant to derive individual access rights and to restrict access to event data even after their exposure. In contrast to traditional access control mechanisms that enable a bivalent control of access (access granted vs. access denied), the developed security extensions enable a continuous spectrum of access while filtering sensitive data from the result set. Feasibility of the security extensions is proven by integrating them into the open-source event repository FOSSTRAK EPCIS.

EPCglobal Secure Tracking Demo

The mobile iPad app can be used to gather detailed information for any individual item equipped with an EPC. It summarizes all events that characterize the product's path through the supply chain. The app can be used in the following two operation modes (selected with the toggle button on the scanning screen):

Toggle button deactivated: The application communicates directly with the EPCIS repository via unsecured communication channels. In this mode, exchanged event data can be manipulated, exchanged, or faked without the knowledge of the requester. As a result, counterfeited products are hidden by manipulating the virtual product path.

Toggle button activated: The application uses the developed security extensions. All data is transparently encrypted by the Access Control Client (ACC) when exchanged between requester and EPCIS repository. In addition, the Access Control Server (ACS) logs the entire inquirer history. When taking an access decision, the history is analyzed and user-specific access rights are derived. Before reading events are exposed to the user of the app, the results are filtered accordingly. Due to the very late access control, it is possible to revoke access rights even after data has been sent to the client site.

The prototype verifies that enabling the security extensions does not significantly affect the processing speed of event data. As a result, the viability aspect of the innovation is demonstrated.

Querying EPCIS directly without Security Extensions

The product's EPC can either be scanned using the integrated iPad camera or entered manually. Then the query is sent via wireless LAN to the EPCIS of the manufacturer.

Traditionally, any user can query all relevant event data from the EPCIS of the manufacturer. In other words, the result set is not filtered in any way.

Real-time security extensions are enabled in the prototype by toggling the security button. Instead of sending the query directly to the EPCIS, it is now sent to the local ACC of the inquirer. The ACC transparently handles encryption and filtering of exchanged event data.

With security extensions enabled, the result set is filtered according to the user's querying behavior by analyzing his query history in real time. Particular information regarding the movements of the queried item is no longer displayed in detail, e.g. to prevent exposure of company-internal business steps to the current user.
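
The history-based filtering described above, sketched as an added example (not code from the dissertation or from FOSSTRAK). The class name, the thresholds, and the per-level field policy are assumptions chosen for illustration; the events are constructed sample data.

```python
from collections import defaultdict

def make_events(serials):
    """Constructed sample repository: two events per item (not real supply chain data)."""
    events = []
    for s in serials:
        epc = f"urn:epc:id:sgtin:0614141.107346.{s}"
        events.append({"epc": epc, "eventTime": "2012-09-01T08:00:00Z",
                       "bizStep": "urn:epcglobal:cbv:bizstep:commissioning",
                       "readPoint": "urn:epc:id:sgln:0614141.00777.0"})
        events.append({"epc": epc, "eventTime": "2012-09-03T14:30:00Z",
                       "bizStep": "urn:epcglobal:cbv:bizstep:shipping",
                       "readPoint": "urn:epc:id:sgln:0614141.00888.0"})
    return events

# Assumed policy: event fields released at each access level.
LEVEL_FIELDS = {
    2: ("epc", "eventTime", "bizStep", "readPoint"),  # full product path
    1: ("epc", "eventTime", "readPoint"),             # business steps withheld
    0: ("epc", "eventTime"),                          # existence of readings only
}

class AccessControlServer:
    """Hypothetical ACS: logs every query, derives rights from the complete history."""

    def __init__(self, repository):
        self.repository = repository
        self.history = defaultdict(list)   # requester -> every EPC ever queried

    def access_level(self, requester):
        # Assumed heuristic: a requester probing many distinct items looks like
        # someone mapping business relationships, so detail shrinks with breadth.
        distinct = len(set(self.history[requester]))
        if distinct <= 2:
            return 2
        return 1 if distinct <= 5 else 0

    def query(self, requester, epc):
        self.history[requester].append(epc)            # log first, then decide
        allowed = LEVEL_FIELDS[self.access_level(requester)]
        return [{k: ev[k] for k in allowed}
                for ev in self.repository if ev["epc"] == epc]

def demo():
    acs = AccessControlServer(make_events(range(1, 9)))
    first = "urn:epc:id:sgtin:0614141.107346.1"
    before = acs.query("wholesaler", first)
    for s in range(2, 9):   # the same requester now crawls seven further items
        acs.query("wholesaler", f"urn:epc:id:sgtin:0614141.107346.{s}")
    after = acs.query("wholesaler", first)
    return before, after
```

The same query for the same item returns the full product path before the crawl and only EPC and timestamp afterwards, which is the graded alternative to a grant/deny decision.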
